|
294141
|
- |
|
logoshows
|
logoshows_bbs
|
Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
|
CWE-89
SQL Injection
|
CVE-2009-4872
|
2017-09-19 10:30 |
2010-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294142
|
- |
|
scripts.oldguy
|
talkback
|
TalkBack 2.3.14 does not properly restrict access to the edit comment feature (comments.php), which allows remote attackers to modify comments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4874
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294143
|
- |
|
netrix
|
netrix_cms
|
admin/cikkform.php in Netrix CMS 1.0 allows remote attackers to modify arbitrary pages via a direct request using the cid parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4876
|
2017-09-19 10:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294144
|
- |
|
todd_rogers
|
phprecipebook
|
SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action.
|
CWE-89
SQL Injection
|
CVE-2009-4883
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294145
|
- |
|
sbuilder
|
cms_s.builder
|
PHP remote file inclusion vulnerability in index.php in CMS S.Builder 3.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in a binn_incl…
|
CWE-94
Code Injection
|
CVE-2009-4887
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294146
|
- |
|
basti2web
|
book_panel
|
SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter.
|
CWE-89
SQL Injection
|
CVE-2009-4889
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294147
|
- |
|
cs-cart
|
cs-cart
|
SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action.
|
CWE-89
SQL Injection
|
CVE-2009-4891
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294148
|
- |
|
webjump
|
webjump\!
|
SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.
|
CWE-89
SQL Injection
|
CVE-2009-4892
|
2017-09-19 10:30 |
2010-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294149
|
- |
|
david_degner
|
phpcollegeexchange
|
Multiple PHP remote file inclusion vulnerabilities in phpCollegeExchange 0.1.5c, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the home parameter…
|
CWE-94
Code Injection
|
CVE-2009-2218
|
2017-09-19 10:29 |
2009-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294150
|
- |
|
david_degner
|
phpcollegeexchange
|
Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the (1) _SESSION[handle] parameter to (a) home.php, …
|
CWE-79
Cross-site Scripting
|
CVE-2009-2219
|
2017-09-19 10:29 |
2009-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
